From 4fe46fbcef15ea52b06b28a6379d7f1817305fbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9o=20DURR?= Date: Mon, 9 Jan 2023 17:46:34 +0100 Subject: [PATCH] [FIX] 3DSv2 - Echappement du XML et modif tables (#543) * Fixed wrong HMAC signature generation * Updated migration files Co-authored-by: Julien Constant --- counter/migrations/0019_billinginfo.py | 27 ++++++++++++++++---------- counter/models.py | 4 ++-- eboutic/models.py | 4 ++-- 3 files changed, 21 insertions(+), 14 deletions(-) diff --git a/counter/migrations/0019_billinginfo.py b/counter/migrations/0019_billinginfo.py index d45f287e..4a8af24b 100644 --- a/counter/migrations/0019_billinginfo.py +++ b/counter/migrations/0019_billinginfo.py @@ -1,4 +1,4 @@ -# Generated by Django 3.2.15 on 2022-11-14 13:26 +# Generated by Django 3.2.16 on 2023-01-08 12:49 from django.db import migrations, models import django.db.models.deletion @@ -12,6 +12,10 @@ class Migration(migrations.Migration): ] operations = [ + migrations.AlterModelOptions( + name="producttype", + options={"ordering": ["-priority", "name"], "verbose_name": "product type"}, + ), migrations.CreateModel( name="BillingInfo", fields=[ @@ -24,23 +28,26 @@ class Migration(migrations.Migration): verbose_name="ID", ), ), - ("first_name", models.CharField(max_length=30)), - ("last_name", models.CharField(max_length=30)), + ( + "first_name", + models.CharField(max_length=22, verbose_name="First name"), + ), + ( + "last_name", + models.CharField(max_length=22, verbose_name="Last name"), + ), ( "address_1", - models.CharField(max_length=50, verbose_name="address line 1"), + models.CharField(max_length=50, verbose_name="Address 1"), ), ( "address_2", models.CharField( - blank=True, - max_length=50, - null=True, - verbose_name="address line 2", + blank=True, max_length=50, null=True, verbose_name="Address 2" ), ), - ("zip_code", models.CharField(max_length=16, verbose_name="zip code")), - ("city", models.CharField(max_length=50, verbose_name="city")), + ("zip_code", models.CharField(max_length=16, verbose_name="Zip code")), + ("city", models.CharField(max_length=50, verbose_name="City")), ("country", django_countries.fields.CountryField(max_length=2)), ( "customer", diff --git a/counter/models.py b/counter/models.py index ea8c2338..564d6a3b 100644 --- a/counter/models.py +++ b/counter/models.py @@ -154,8 +154,8 @@ class BillingInfo(models.Model): # declaring surname and name even though they are already defined # in User add some redundancy, but ensures that the billing infos # shall stay correct, whatever shenanigans the user commits on its profile - first_name = models.CharField(_("First name"), max_length=30) - last_name = models.CharField(_("Last name"), max_length=30) + first_name = models.CharField(_("First name"), max_length=22) + last_name = models.CharField(_("Last name"), max_length=22) address_1 = models.CharField(_("Address 1"), max_length=50) address_2 = models.CharField(_("Address 2"), max_length=50, blank=True, null=True) zip_code = models.CharField(_("Zip code"), max_length=16) # code postal diff --git a/eboutic/models.py b/eboutic/models.py index 0c5c7dc7..99fe6410 100644 --- a/eboutic/models.py +++ b/eboutic/models.py @@ -206,8 +206,8 @@ class Basket(models.Model): cart, newlines=False ) data += [ - ("PBX_SHOPPINGCART", html.escape(cart)), - ("PBX_BILLING", html.escape(customer.billing_infos.to_3dsv2_xml())), + ("PBX_SHOPPINGCART", cart), + ("PBX_BILLING", customer.billing_infos.to_3dsv2_xml()), ] pbx_hmac = hmac.new( settings.SITH_EBOUTIC_HMAC_KEY,